Certificate threat intelligence
The Certificate Threat Intelligence APIs help security teams investigate code signing certificates, identify samples signed with specific certificates, and detect impersonation attempts using compromised or malicious certificates.
Common Use Cases
Find samples signed with a certificate
- Certificate index (TCA-0501) - Get a list of files signed with a specific certificate thumbprint, with optional filtering by classification status.
Analyze certificate reputation
- Certificate analytics (TCA-0502) - Get certificate reputation data including sample counts by classification, blacklist/whitelist status, threat level, and certificate chain of trust.
Search for certificates by name
- Certificate thumbprint search (TCA-0503) - Find certificate thumbprints by searching for common names or partial matches using wildcards.
All Certificate Threat Intelligence APIs
📄️ Certificate index (TCA-0501)
Spectra Intelligence TCA-0501 lists files signed with specific certificates with reputation and metadata
📄️ Certificate analytics (TCA-0502)
Spectra Intelligence TCA-0502 provides certificate reputation with sample statistics and chain-of-trust analysis
📄️ Certificate thumbprint search (TCA-0503)
Spectra Intelligence TCA-0503 searches for certificate thumbprints by common name with wildcard support